The Institute of Electronics Engineers of Korea: Conference Proceedings (Proceedings of the IEEK Conference)
- Proceedings of the 2007 IEEK Summer Conference
- Pages 59-60
- 2007
Anomalous Traffic Measurement using Entropy: An Empirical Study
- Kim, Jung-Hyun (Department of Electronics and Computer Engineering, Hanyang University)
- Won, You-Jip (Department of Electronics and Computer Engineering, Hanyang University)
- Published: 2007.07.11
Abstract
Entropy, one of the leading metrics for anomalous traffic, attracts researchers' attention since packet sampling and traffic volume have little impact on the entropy value. In this paper, we apply the entropy metric to a domestic network traffic trace which contains real anomalous traffic. We used source IP address/port and destination IP address/port, which are important attributes of a packet, as entropy variables. We found that the entropy value of a multiple-port DoS attack shows something related to a staircase fashion. Also, we show the possibility of detecting anomalous traffic on a small time scale.
Keywords